Latest News Articles



--- TLP:WHITE ---

News

− New hacking group ‘Metador’ lurking in ISP networks for months

A previously unknown threat actor that researchers have named 'Metador' has been breaching telecommunications, internet services providers (ISPs), and universities for about two years.

https://www.bleepingcomputer.com/news/security/new-hacking-group-metador-lurking-in-isp-networks-for-months/

− Meta busts first Chinese campaign targeting US midterms

Russian cybercriminals were also caught targeting Europe with anti-Ukraine messages Meta says it has disrupted a misinformation network targeting US political discourse ahead of the 2022 midterm elections – and one that sought to influence public opinion in Europe about the conflict in Ukraine.

https://about.fb.com/wp-content/uploads/2022/09/CIB-Report_-China-Russia_Sept-2022-1.pdf

− Dismantling a Prolific Cybercriminal Empire: REvil Arrests and Reemergence

We’ve recently seen reports that the REvil ransomware gang is back online after the January 2022 arrests of several its members by Russian authorities claiming to dismantle the group and the November 2021 arrests of two members by U.S. authorities.

https://www.trellix.com/en-us/about/newsroom/stories/research/dismantling-a-prolific-cybercriminal-empire.html

Vulnerabilities

− Microsoft Confirms 2 New Exchange Zero-Day Flaws Being Used in the Wild

Microsoft officially disclosed it investigating two zero-day security vulnerabilities impacting Exchange Server 2013, 2016, and 2019 following reports of in-the-wild exploitation.

https://msrc-blog.microsoft.com/2022/09/29/customer-guidance-for-reported-zero-day-vulnerabilities-in-microsoft-exchange-server/

− Dragon tails: Preserving international cybersecurity research

This paper analyzes a series of Chinese regulatory changes altering vulnerability disclosure practices to assess their impact on the supply of research from China’s significantly productive community. The paper examines disclosure data from a mix of proprietary and open-source codebases, looking across vendor and software types with a simple time-series analysis to look for the impact of recent Chinese regulations.

https://www.atlanticcouncil.org/in-depth-research-reports/report/preserving-international-cybersecurity-research/

Community News

− What happens with a hacked Instagram account – and how to recover it

Had your Instagram account stolen? Don’t panic – here’s how to get your account back and how to avoid getting hacked (again)

https://www.welivesecurity.com/2022/09/26/what-happens-hacked-instagram-account-how-recover/

--- TLP:WHITE ---